漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
User Submitted Posts < 20260608 - Unauthenticated Stored XSS via Author Name
Vulnerability Description
The User Submitted Posts WordPress plugin before 20260608 does not escape a submitted value before outputting it in an admin-configured display template, leading to a Stored Cross-Site Scripting that can be triggered by unauthenticated users when a non-default display option is enabled.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Jeff Starr User Submitted Posts 跨站脚本漏洞
Vulnerability Description
plugin-planet user submitted posts是plugin-planet个人开发者开源的一套用户提交内容插件。 Jeff Starr User Submitted Posts 20260608之前版本存在跨站脚本漏洞,该漏洞源于未对提交的值进行转义,导致存储型跨站脚本攻击,可在启用非默认显示选项时由未经验证的用户触发。
CVSS Information
N/A
Vulnerability Type
N/A